CYBER SECURITY FUNDAMENTALS EXAM NEWEST
2026 ACTUAL EXAM TEST BANK| 2 VERSIONS
(VERSION A & B) WITH COMPLETE 350 REAL EXAM
QUESTIONS AND CORRECT VERIFIED ANSWERS/
ALREADY GRADED A+ (MOST RECENT!!)
A firewall that tracks open connection-oriented protocol sessions is said
to be: - ANSWER - Stateful
During which phase of the system development lifecycle (SDLC) should
security first be considered? - ANSWER - Planning
A cybersecurity architecture designed around the concept of a perimeter
is said to be: - ANSWER - System-Centric
A passive network hub operates at which layer of the OSI model? -
ANSWER - Physical
Updates in cloud-computing environments can be rolled out quickly
because the environment is: - ANSWER - Homogenous
During which phase of the six-phase incident response model is the root
cause determined? - ANSWER - Eradication
pg. 1
,The attack mechanism directed against a system is commonly called
a(n): - ANSWER - Payload
Where should an organization's network terminate virtual private
network (VPN) tunnels? - ANSWER - At the perimeter, to allow for
effective internal monitoring
Which two factors are used to calculate the likelihood of an event? -
ANSWER - Threat and Vulnerability
What kind of anti-malware program evaluates system processes based
on their observed behaviors? - ANSWER - Heuristic
Under the US-CERT model for incident categorization, a CAT-3 incident
refers to which of the following? - ANSWER - Malicious Code
Securing Supervisory Control and Data Acquisition (SCADA) systems
can be challenging because they: - ANSWER - Operate in specialized
environments and often have non-standard design elements
Virtual systems should be managed using a dedicated virtual local area
network (VLAN) because: - ANSWER - Insecure protocols could result
in a compromise of privileged user credentials
pg. 2
,An interoperability error is what type of vulnerability? - ANSWER -
Emergent
In accordance with AR 25-2, whose responsibility is it to ensure all users
receive initial and annual IA awareness training? - ANSWER - IASO
What is the current DoD repository for sharing security authorization
packages and risk assessment data with Authorizing officials? -
ANSWER - Army Portfolio Management System (APMS)
What are the three main cloud computing service models - ANSWER -
Software as a Service, platform as a Service and Infrastructure as a
Service
What is a Distributed Denial-of-Service attack? - ANSWER - It occurs
when multiple machines are operating together to attack one target
What are the four objectives of planning for security - ANSWER -
Identify, design, test and monitor
What is a Virtual Private Network used for - ANSWER - Allows
employees to connect securely to their network when away from the
office
SSID stands for - ANSWER - Service Set Identifier
pg. 3
, The two common denial-of-service attacks are - ANSWER - rootkits and
botnets
What does LAMP stands for - ANSWER - Linux, Apache, My SQL and
PHP
What are rootkits - ANSWER - A piece of software that can be installed
and hidden on your computer without your knowledge
How often do all cybersecurity workforce personnel take the
Cybersecurity Fundamental training IAW DA PAM 25-2-6 - ANSWER -
Every year
What does an Incident Response Plans allows for - ANSWER - A timely
and controlled response to security incidents, and attempts to mitigate
any damage or lose
According to DoD 8570.01-M, the IA technical category consists of how
many levels? - ANSWER - I, II, & III
_____________your wireless data prevents anyone who might be able to
access your network from viewing it - ANSWER - Encrypting
Identify the security services of cryptography. - ANSWER -
Confidentiality, Integrity, Authentication, and Non-repudiation
pg. 4
2026 ACTUAL EXAM TEST BANK| 2 VERSIONS
(VERSION A & B) WITH COMPLETE 350 REAL EXAM
QUESTIONS AND CORRECT VERIFIED ANSWERS/
ALREADY GRADED A+ (MOST RECENT!!)
A firewall that tracks open connection-oriented protocol sessions is said
to be: - ANSWER - Stateful
During which phase of the system development lifecycle (SDLC) should
security first be considered? - ANSWER - Planning
A cybersecurity architecture designed around the concept of a perimeter
is said to be: - ANSWER - System-Centric
A passive network hub operates at which layer of the OSI model? -
ANSWER - Physical
Updates in cloud-computing environments can be rolled out quickly
because the environment is: - ANSWER - Homogenous
During which phase of the six-phase incident response model is the root
cause determined? - ANSWER - Eradication
pg. 1
,The attack mechanism directed against a system is commonly called
a(n): - ANSWER - Payload
Where should an organization's network terminate virtual private
network (VPN) tunnels? - ANSWER - At the perimeter, to allow for
effective internal monitoring
Which two factors are used to calculate the likelihood of an event? -
ANSWER - Threat and Vulnerability
What kind of anti-malware program evaluates system processes based
on their observed behaviors? - ANSWER - Heuristic
Under the US-CERT model for incident categorization, a CAT-3 incident
refers to which of the following? - ANSWER - Malicious Code
Securing Supervisory Control and Data Acquisition (SCADA) systems
can be challenging because they: - ANSWER - Operate in specialized
environments and often have non-standard design elements
Virtual systems should be managed using a dedicated virtual local area
network (VLAN) because: - ANSWER - Insecure protocols could result
in a compromise of privileged user credentials
pg. 2
,An interoperability error is what type of vulnerability? - ANSWER -
Emergent
In accordance with AR 25-2, whose responsibility is it to ensure all users
receive initial and annual IA awareness training? - ANSWER - IASO
What is the current DoD repository for sharing security authorization
packages and risk assessment data with Authorizing officials? -
ANSWER - Army Portfolio Management System (APMS)
What are the three main cloud computing service models - ANSWER -
Software as a Service, platform as a Service and Infrastructure as a
Service
What is a Distributed Denial-of-Service attack? - ANSWER - It occurs
when multiple machines are operating together to attack one target
What are the four objectives of planning for security - ANSWER -
Identify, design, test and monitor
What is a Virtual Private Network used for - ANSWER - Allows
employees to connect securely to their network when away from the
office
SSID stands for - ANSWER - Service Set Identifier
pg. 3
, The two common denial-of-service attacks are - ANSWER - rootkits and
botnets
What does LAMP stands for - ANSWER - Linux, Apache, My SQL and
PHP
What are rootkits - ANSWER - A piece of software that can be installed
and hidden on your computer without your knowledge
How often do all cybersecurity workforce personnel take the
Cybersecurity Fundamental training IAW DA PAM 25-2-6 - ANSWER -
Every year
What does an Incident Response Plans allows for - ANSWER - A timely
and controlled response to security incidents, and attempts to mitigate
any damage or lose
According to DoD 8570.01-M, the IA technical category consists of how
many levels? - ANSWER - I, II, & III
_____________your wireless data prevents anyone who might be able to
access your network from viewing it - ANSWER - Encrypting
Identify the security services of cryptography. - ANSWER -
Confidentiality, Integrity, Authentication, and Non-repudiation
pg. 4
